<?php

namespace app\backstage\controller;

use think\Request;
use app\backstage\model\Role;

class BaseAuth extends BaseLogin
{
    public function __construct(Request $request)
    {
        parent::__construct($request);

        $this->checkAuth($request);

    }


    public function checkAuth($request){

        $ac = $request->controller().'/'.$request->action();  //获取当前请求的控制器、方法

//        dump($ac);exit;

        $role_id = $request->role_id; //登录中间件的传值 角色id

        if($request->admin_id==1 || $role_id==0){
//            $request->admin_id=$request->admin_id;
            return true;
        }

        $authList = Role::where('id',$role_id)->value('auth_list');


        if($authList){
            //验证权限
            $authList = json_decode($authList,true);

            $flag = in_array($ac,$authList);

        }else{
            $flag = false;
        }


        if(!$flag){
            if($request->isAjax()){
                return json(['code'=>103,'msg'=>'无权限操作']);
            }else{
                echo <<<DDD
                <script>

                    
                    if(window.name){
                        var index = parent.layer.getFrameIndex();

                        parent.layer.close(index);
                    }
                    parent.layer.msg("无权限操作", {icon: 5,time:1000});
                </script>
DDD;
                exit;
            }
        }

    }
}